WebSocket through OPNsense/Squid

Started by mokaz, December 14, 2024, 02:46:46 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 14, 2024, 02:46:46 PM
Hi there all,

I have a simple explicit proxy setup in which I didn't exclude (yet) a Guacamole host used for Remote Access (internal/external).
While connecting to that system through the OPNsense/Squid setup, I could log on with no issue although any Remote Access connection wouldn't work.
These are WebSocket based, is this possible through Squid? Have I missed some config options?

I have for now updated my wpad.dat with a DIRECT directive to that host and all is fine, just more for my knowledge.

Let me know,
Kind regards,
m.

December 15, 2024, 12:13:17 AM #1 Last Edit: December 15, 2024, 01:48:56 PM by mokaz
Found a plausible explanation / need to test without SSL Bump'in :

https://stackoverflow.com/questions/45084436/squid3-proxy-server-ssl-bump-blocking-web-socket-connections

----
Squid doesn't support websocket natively, only through CONNECT tunnel, which your client has to be aware of -- which it won't be if you are MITMing connections.
----

EDIT: just tested, without SSL Bump, WebSocket is working all fine..
Print
Go Up Pages1
User actions